Re: [Exim] can't currently verify any sender in the header l…

Top Page
Delete this message
Reply to this message
Author: Philip Hazel
Date:  
To: Jeffrey Goldberg
CC: Marc MERLIN, exim-users
Subject: Re: [Exim] can't currently verify any sender in the header lines
On Sat, 10 Feb 2001, Jeffrey Goldberg wrote:

> As others have said, <> was invented for a reason. One of which is to
> avoid loops. You ignore it at great peril. It won't just require another
> sever with THIS patch running exim to cause a loop, but any other server
> broken in a similar way.


Exactly. That is one good reason why I do not propose to change Exim.
[Actually, I will make one change - I'll try to improve the logging so
that it is more obvious why a rejection has occurred in this case.]
The other reason is that the callback test is supposed to check whether
Exim could return a bounce to the sender. If you change the MAIL FROM
address it uses, it is no longer doing that test.

> People on this list have occassionally bemoaned the fact that with an
> error report there was no real sender information provided somewhere.


I have certainly bemoaned it. I used to wish that bounce messages were
identified in some way such as

MAIL FROM:<mailer-daemon@xxx> SIZE=xxx BOUNCE=YES

> But I think that that was a correct choice in the design of SMTP because
> if the information were there, people would use it and loops would occur.


I'm beginning to agree with you. (Not that we don't see loops - some
systems fish an address out of the body and use it. I even had one case
where a forwarding system had fished an address out of the body and
replaced the envelope sender with it as it forwarded the message.)

> If you find that callbacks "need" this patch, then don't use callbacks.


Or at least, use the options to turn them off for the mis-behaving
hosts or domains.

-- 
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.